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VII. Certain defects in the international application 

The following defects in the form or contents of the intemational application have been noted: 
see separate sheet 
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Re Item I 

Basis of the report 

1 . The amendments filed with fax dated 07.06.2000 introduce subject-matter which 
extends beyond the content of the application as filed, contrary to Article 34(2)(b) 
PCT. The amendments concerned are the following: 

Claim 1: 

Using the wording "used by certain applications downloaded from outside the 
workstation" instead of the wording "by unspecified applications" and after taking 
into account the definition of the term "unspecified applications" given in page 5, 
lines 15-16 of the description of the international application, it is considered that 
the new wording introduces subject-matter that extends the scope of the 
application as filed, the reasons being as follows: 

The amendments cannot be directly and unambiguously deduced from the 
application documents as filed. The new wording limits the scope of amended 
claim 1 to certain applications downloaded from outside a workstation. However, 
in the application documents as filed no specific embodiment refers to 
downloadable applications or even gives a hint that said "unspecified 
applications" are downloadable applications (downloadable applications are 
mentioned in the application only when describing existing background art). On 
the contrary the definition of "unspecified applications" given in the description 
allows for any kind of application to be considered as an "unspecified application" 
as long as it has not been identified in a pre-set list of applications. 

Claims 5. 14 and 22: 

Amended independent claim 5 and newly filed independent claims 14 and 22 
introduce also subject-matter which extends beyond the scope of the application 
as originally filed as they are also directed towards "applications downloaded from 
outside the workstation". The reasons for this opinion have been given in the 
paragraph above. 
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Claims 2-4, 9-11, 6-8. 12-13, 15-21, 23-26: 

Claims 2-4 and 9-1 1 are dependent from claim 1 . Therefore, claims 2-4 and 9-1 1 
are also not allowable. Correspondingly, claims 6-8 and 12-13, claims 15-21 and 
claims 23-26 are also not allowable, as they are dependent from claims 5, 14 and 
22 respectively. 

Re Item V 

Reasoned statement under Article 35(2) with regard to novelty, inventive step or 
industrial applicability; citations and explanations supporting such statement 

1 . Reference is made to the following documents: 

D1: EP-A-0 561 509 
D2: GB-A-2 312 767 

2. The present application does not meet the requirements of Articles 33(2) and (3) 
PCT, concerning novelty and inventive step. The reasons for this opinion are as 
follows: 

2. 1 Lack of novelty, Article 33(2) PCT: 
Claim 1: 

All features of independent claim 1 are known from D1 (references in 
parentheses refer to D1) which, using the wording of independent claim 1 , 
discloses a method for preventing hostile use of computer resources by an 
application (abstract; page 1, lines 21-24) comprising the steps of: providing 
a list of services that are not allowed for access by unspecified applications 
(protected resources in D1, see abstract and page 3, lines 6-13), preventing 
unspecified applications from accessing any resource directly (page 1, lines 
21-24; page 2, lines 54-58; page 3, lines 2-5), analysing any direct or indirect 
request for access to specific services, to determine whether such request is 
allowable according to said predefined list (in D1 umon is using a database 
to analyse and check a request, see page 3, lines 6-17; page 4, lines 6-21), 
allowing the workstation to process the request if it is allowable and refusing 
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processing if it is not allowable, wherein said resource can be any local or 
remote resource or any operation leading to a permanent cinange in the 
workstation or its periphery (page 3, lines 11-13; page 5, lines 7-15). 

2.2 Lack of inventive step, Article 33(3) PCX: 
Claim 5: 

Independent claim 5 defines a software agent which implements the method 
described in independent claim 1 . The use of software agents as a means 
for implementing security methods in computer systems is well known in the 
art (see e.g. D2, page 4, lines 3-9). Apart from this feature regarding the 
software agent, the technical subject-matter of independent claim 5 is 
directly equivalent to the technical subject matter of independent claim 1, 
which claim was shown to lack novelty here above. It would, therefore, be 
obvious to the person skilled in the art to combine the teaching of D1 with 
that of D2 and arrive at the apparatus described in claim 5. Therefore, the 
subject-matter of independent claim 5 does not involve an inventive step. 

3. Concerning the subject-matter of the dependent claims of the international 
application, taken in combination with the claim(s) on which they respectively 
depend, it is not considered to meet the requirements of the PCT regarding both 
novelty and inventive step. In particular, the following is noted concerning the 
respective subject-matter of dependent claims 2-4 and 6-8: 

Claim 2: 

The new feature introduced in dependent claim 2 is known from D1 (e.g. 
database tables used by the umon command, see page 3, lines 6-17). 

Claims 3-4: 

The new features introduced in dependent claims 3 and 4 refer to definitions 
of well known concepts on how to manage application and their associated 
resources (see e.g. abstract in D2). Adding these features therefore, does 
not involve an inventive step. 
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Claim 6-8: 

The new features introduced in dependent clainns 6-8 either are already 
known from D1 (e.g. claim 6, see page 3, lines 6-17 in D1; claim 7, see page 
3, lines 11-13; page 5, lines 7-15) or refer to well known concepts (claim 8) 
on how to manage applications and their associated resources (see e.g. 
abstract in D2). Adding these features therefore, does not involve an 
inventive step. 

Re Item VII 

Certain defects in the international application 

1. Contrary to the requirements of Rule 5.1(a)(ii) PCT, the relevant background art 
disclosed in documents D1 and D2 has not been mentioned in the description, nor 
have these documents been identified therein. 

2. In order to comply with the requirements of Rule 6.3(b)(i) and (ii) PCT, the 
independent claims should have been properly cast in the two part form using the 
wording "characterized by", with those features forming part of the prior art being 
placed in the preamble. 
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I. Basts of the report 

1 . This report has been drawn on the basis of {substitute sheets which have been furnished to the receiving Office in 
response to an invitation under Articie 14 are referred to in this report as "originaiiy filed" and are not annexed to 
the report since they do not contain amendments,): 

Description, pages: 

1 ,2,4-9 as originally filed 

3 with telefax of 01/05/2000 

Claims, No.: 

1 -8 as originally filed 

Drawings, sheets: 

1/3-3/3 as originally filed 

2. The amendments have resulted in the cancellation of: 

□ the description, pages; 

□ the claims, Nos.: 

□ the drawings, sheets: 

3. K This report has been established as if (some of) the amendments had not been made, since they have been 

considered to go beyond the disclosure as filed (Rule 70.2(c)): 

see separate sheet 

4. Additional observations, if necessary: 
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V. Reasoned statennent under Article 35(2) with regard to novelty, inventive step or industrial 
applicability; citations and explanations supporting such statement 

1. Statement 



Novelty (N) 


Yes: 


Claims 
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No: 


Claims 


1-2 


Inventive step (IS) 


Yes: 


Claims 






No: 


Claims 


1-8 


Industrial applicability (lA) 


Yes: 


Claims 
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2. Citations and explanations 
see separate sheet 

VII. Certain defects in the international application 

The following defects in the form or contents of the international application have been noted: 
see separate sheet 
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Re Item I 

Basis of the report 

1. The amendments filed with fax dated 07.06.2000 introduce subject-matter which 
extends beyond the content of the application as filed, contrary to Article 34(2)(b) 
PCT. The amendments concerned are the following: 

Claim 1: 

Using the wording "used by certain applications downloaded from outside the 
workstation" instead of the wording "by unspecified applications" and after taking 
into account the definition of the term "unspecified applications" given in page 5, 
lines 15-16 of the description of the international application, it is considered that 
the new wording introduces subject-matter that extends the scope of the 
application as filed, the reasons being as follows: 

The amendments cannot be directly and unambiguously deduced from the 
application documents as filed. The new wording limits the scope of amended 
claim 1 to certain applications downloaded from outside a workstation. However, 
in the application documents as filed no specific embodiment refers to 
downloadable applications or even gives a hint that said "unspecified 
applications" are downloadable applications (downloadable applications are 
mentioned in the application only when describing existing background art). On 
the contrary the definition of "unspecified applications" given in the description 
allows for any kind of application to be considered as an "unspecified application" 
as long as it has not been identified in a pre-set list of applications. 

Claims 5, 14 and 22: 

Amended independent claim 5 and newly filed independent claims 14 and 22 
introduce also subject-matter which extends beyond the scope of the application 
as originally filed as they are also directed towards "applications downloaded from 
outside the workstation". The reasons for this opinion have been given in the 
paragraph above. 
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Claims 2-4, 9-11, 6-8, 12-13, 15-21, 23-26: 

Claims 2-4 and 9-1 1 are dependent from claim 1. Therefore, claims 2-4 and 9-1 1 
are also not allowable. Correspondingly, claims 6-8 and 12-13, claims 15-21 and 
claims 23-26 are also not allowable, as they are dependent from claims 5, 14 and 
22 respectively. 

Re Item V 

Reasoned statement under Article 35(2) with regard to novelty, inventive step or 
industrial applicability; citations and explanations supporting such statement 

1 . Reference is made to the following documents: 

D1: EP-A-0 561 509 
D2: GB-A-2 312 767 

2. The present application does not meet the requirements of Articles 33(2) and (3) 
PCT, concerning novelty and inventive step. The reasons for this opinion are as 
follows: 

2.1 Lack of novelty, Article 33(2) PCT: 
Claim 1: 

All features of independent claim 1 are known from D1 (references in 
parentheses refer to D1) which, using the wording of independent claim 1 , 
discloses a method for preventing hostile use of computer resources by an 
application (abstract; page 1, lines 21-24) comprising the steps of: providing 
a list of services that are not allowed for access by unspecified applications 
(protected resources in D1, see abstract and page 3, lines 6-13), preventing 
unspecified applications from accessing any resource directly (page 1, lines 
21-24; page 2, lines 54-58; page 3, lines 2-5), analysing any direct or indirect 
request for access to specific services, to determine whether such request is 
allowable according to said predefined list (in D1 umon is using a database 
to analyse and check a request, see page 3, lines 6-17; page 4, lines 6-21), 
allowing the workstation to process the request if it is allowable and refusing 
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processing if it is not allowable, wherein said resource can be any local or 
remote resource or any operation leading to a permanent change in the 
workstation or its periphery (page 3, lines 11-13; page 5, lines 7-15). 

2.2 Lack of inventive step, Article 33(3) PCT: 
Claim 5: 

Independent claim 5 defines a software agent which implements the method 
described in independent claim 1. The use of software agents as a means 
for implementing security methods in computer systems is well known in the 
art (see e.g. D2, page 4, lines 3-9). Apart from this feature regarding the 
software agent, the technical subject-matter of independent claim 5 is 
directly equivalent to the technical subject matter of independent claim 1, 
which claim was shown to lack novelty here above. It would, therefore, be 
obvious to the person skilled in the art to combine the teaching of D1 with 
that of D2 and arrive at the apparatus described in claim 5. Therefore, the 
subject-matter of independent claim 5 does not involve an inventive step. 

3. Concerning the subject-matter of the dependent claims of the international 
application, taken in combination with the claim(s) on which they respectively 
depend, it is not considered to meet the requirements of the PCT regarding both 
novelty and inventive step. In particular, the following is noted concerning the 
respective subject-matter of dependent claims 2-4 and 6-8: 

Claim 2: 

The new feature introduced in dependent claim 2 is known from D1 (e.g. 
database tables used by the umon command, see page 3, lines 6-17). 

Claims 3-4: 

The new features introduced in dependent claims 3 and 4 refer to definitions 
of well known concepts on how to manage application and their associated 
resources (see e.g. abstract in D2). Adding these features therefore, d'^^? 
not involve an inventive step. 
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Claim 6-8: 

The new features introduced in dependent claims 6-8 either are already 
known from D1 (e.g. claim 6, see page 3, lines 6-17 in D1; claim 7, see page 
3, lines 11-13; page 5, lines 7-15) or refer to well known concepts (claim 8) 
on how to manage applications and their associated resources (see e.g. 
abstract in D2). Adding these features therefore, does not involve an 
inventive step. 

Re Item VII 

Certain defects in the international application 

1 . Contrary to the requirements of Rule 5. 1 (a)(ii) PCT, the relevant background art 
disclosed in documents D1 and D2 has not been mentioned in the description, nor 
have these documents been identified therein. 

2. In order to comply with the requirements of Rule 6.3(b)(i) and (ii) PCT, the 
independent claims should have been properly cast in the two part form using the 
wording "characterized by", with those features forming part of the prior art being 
placed in the preamble. 
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^ PCT/rL99/0013 

perfonn hostile activities thercoiL 

The security problem was solved partially by the browser manufectures which allow 
the user to disable the use of executables. Of course this is not a reasonable solutioji, 
since all the electronic commerce and advertising are based on the use of executables. 

In three copending patent applications of the same ^licants hereof; WO 98/40993, 
WO 99/16225 Am WO 99/29082, the descriptions of ^vbich aie incorporated herein 
by reference, there are described methods and means for preventing undesirable 
Executable Objects from infiltratins the LAN/WAN in ivhich we work and, 
ultimately, our workstation and server. WO 99/29082 further provides a method for 
enforcing a security policy for selectively preventing the downloading and execution 
of undesired Executable Objects in an individual workstation. ; 

WhUc much has been done in the abovementioned patcm applications towari 
protecting the individual workstation, one problem yet remained unsolved: the hostal 
use of local resources by applications which have passed any earlier securit>- check 
(e.g., a gateway security policy), because they did not contravene such security 
policy, or by applications which have not passed throu^ an earlier check point (such 
as a gateway equipped with a security policy check, as described in the 
aforementioned patent appUcations). either because such earlier point of check is not' 
available, or because the application has been loaded directly on the workstatioai 
Such hostile use of CPU resources may lead to damage to the data, operation 
and hardware of the woricstation and, under the conditions , 
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